lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 15 Nov 2005 16:47:03 -0700
From: <noreply@...urityfocus.com>
To: bugtraq@...urityfocus.com
Subject: [securityzone@...romedia.com: Macromedia Security Bulletins]


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
Macromedia Security Bulletins: 

- Contribute Publishing Server 
- Flash Communication Server 
- Breeze Communication Server and Breeze Live Server 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
 
MPSB05-08 Contribute Publishing Server Password Encryption

Summary: 

Macromedia Contribute Publishing Server (CPS) 1.11 includes 
a security update that addresses an issue related to user 
password encryption in connection keys that use shared FTP 
login credentials.

Solution: 

Macromedia CPS customers should upgrade their licensed 
software to Macromedia CPS 1.11, which includes the product 
fix to this issue.

Learn more: 
http://www.macromedia.com/go/mpsb05-08  

Contribute Publishing Server Support Center:        
http://www.macromedia.com/support/cps/downloads.html  
 
~~~~~~~ 

MPSB05-09 Security Patch for Insufficient Validation 
in Flash Communication Server

Summary: 

Macromedia Flash Communication Server MX does not 
sufficiently validate some RTMP data. This can cause 
server instability or crashes. 

Solution: 

Macromedia has released an update patch that can be 
downloaded and installed on the server.

Learn more:  
http://www.macromedia.com/go/mpsb05-09 

Flash Media Server Support Center: 
http://www.macromedia.com/go/fcs_updater

~~~~~~~ 

MPSB05-10 Security Patch for Insufficient Validation 
in Breeze Communication Server and Breeze Live Server
 
Summary: 

The Breeze Communication Server and Breeze Live Server 
do not sufficiently validate some RTMP data. This can 
cause server instability or crashes for licensed customers.

Solution: 

Macromedia has released an update patch that can be 
downloaded and installed on the server. 

Learn more:  
http://www.macromedia.com/go/mpsb05-10

Breeze Support Center: 
http://www.macromedia.com/go/breeze_licensed

~~~~~~~ 

Receiving Security Bulletins: 

When Macromedia becomes aware of a security issue that we  
believe significantly affects our products or customers, 
we will notify customers when appropriate. Typically this 
notification will be in the form of a security bulletin 
explaining the issue and the response. Macromedia customers 
who would like to receive notification of new security 
bulletins when they are released can sign up for our 
security notification service. 

For additional information on security issues at Macromedia, 
please visit: 
www.macromedia.com/resources/security 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ANY INFORMATION, PATCHES, DOWNLOADS, WORKAROUNDS OR FIXES 
PROVIDED BY MACROMEDIA IN THIS BULLETIN ARE PROVIDED "AS IS" 
WITHOUT WARRANTY OF ANY KIND. MACROMEDIA AND ITS SUPPLIERS 
DISCLAIM ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED OR 
OTHERWISE, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND 
FITNESS FOR A PARTICULAR PURPOSE. ALSO, THERE IS NO WARRANTY 
OF NON-INFRINGEMENT, TITLE OR QUIET ENJOYMENT. (USA ONLY) 
SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, 
SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. 

IN NO EVENT SHALL MACROMEDIA, INC. OR ITS SUPPLIERS BE 
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT 
LIMITATION, DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, 
SPECIAL, PUNITIVE, COVER, LOSS OF PROFITS, BUSINESS 
INTERRUPTION OR THE LIKE, OR LOSS OF BUSINESS DAMAGES, 
BASED ON ANY THEORY OF LIABILITY INCLUDING BREACH OF 
CONTRACT, BREACH OF WARRANTY, TORT(INCLUDING NEGLIGENCE), 
PRODUCT LIABILITY OR OTHERWISE, EVEN IF MACROMEDIA, INC. 
OR ITS SUPPLIERS OR THEIR REPRESENTATIVES HAVE BEEN 
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. (USA ONLY) 
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF 
LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THE 
ABOVE EXCLUSION OR LIMITATION MAY NOT APPLY TO YOU AND 
YOU MAY ALSO HAVE OTHER LEGAL RIGHTS THAT VARY FROM STATE 
TO STATE. 
  
Macromedia reserves the right, from time to time, to update 
the information in this document with current information. 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
Macromedia Support, Privacy, and Unsubscribe Information 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

Macromedia Support:  
http://www.macromedia.com/support/ 

Macromedia and your privacy: 
http://www.macromedia.com/help/privacy.html 

Contact Macromedia: 
Thank you for your continued interest in Macromedia products. 
If you'd rather not receive updates about events, classes, or  
products, write to newsflash@....macromedia.com and type 
"no thanks" in the Subject line. You may also change your 
communication preferences by visiting this web page: 

Macromedia, 601 Townsend St., San Francisco, California 94103 



Powered by blists - more mailing lists